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—While this invention has been described in conjunction with specific embodiments 
thereof, it is evident that many alternatives, modifications and variations will be apparent to 
those skilled in the art. Accordingly, the preferred embodiments of the invention as set forth 
herein, are intended to be illustrative, not limiting. Various changes may be made without 
departing from the true spirit and full scope of the invention as set forth herein and defined in the 
claims — 

IN THE CLAIMS: 

Please cancel claims 1-19 in their entirety and without prejudice and add the following 
new claims: 




^•^20. A process for creating and managing pairs of asymmetrical cryptographic keys 
and associated .certificates, each pair of keys being intended for a subject managed by a computer 
system (1), comprising: 

searching in stotage means (7) for at least one subject for which a pair of asymmetric 
keys and an associated certificate must be created; 
B • creating at least one first individual request for creating and certifying a pair of 

7 asymmetric keys for said sufe|ect; 

8 • transmitting a key generation request corresponding to said first individual creation and 

9 certification request to a key generating center (8), which issues a pair of asymmetric 

10 keys in accordance with said key generation request; 

1 1 • creating at least one second individual requfe^for certifying the public key created for 

12 said subject; and \^ 

13 • transmitting a certification authority request corresponding to said second individual 

14 certification request to a certification authority (12), v^u^ issues a certificate in 

15 accordance with said request. 
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1 2h . A process according to claim 20, comprising creating a pair of keys must be 

2 created forNa given subject when said subject lacks a pair of keys and a corresponding first 

3 individual cremation and certification request, or when a pair of keys has been requested for said 

4 subject, or when, the certificate of a pair of keys for said subject intended for an identical use has 

5 been revoked and\ new pair of keys has been requested. 
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22. A proems according to claim 20, further comprising executing said process 
\ 



\ 
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A process acc^^jding to claim 20, wherein each individual first and second request 
is created fi-om corresponding n^iiltiple creation and certification requests stored in the storage 

means (7) relative to a set of subj^ts belonging to a preset list or to a set of subjects defined by 

\ 

predetermined criteria, as well as to'-^^odel pairs of keys and associated model certificates for the 
set in question. \ 

\ 
\ 

\ 

\ 

24. A process according to claiV 21, wherein each individual first and second request 
is created from corresponding multiple creatipn and certification requests stored in the storage 
means (7) relative to a set of subjects belongirig to a preset list or to a set of subjects defined by 
predetermined criteria, as well as to model pairs\f keys and associated model certificates for the 
set in question. 



1 25. A process according to claim 22, whereha each individual first and second request 

2 is created from corresponding muhiple creation and certification requests stored in the storage 

3 means (7) relative to a set of subjects belonging to a preset list or to a set of subjects defined by 

4 predetermined criteria, as well as to model pairs of keys and ^ociated model certificates for the 

5 set in question. 
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1 \ 26. A process according to claim 23, comprising searching in each of the muhiple 

2 creationyand certification requests of the system for all of the subjects in a condition such that a 

3 pair of ke\s must be created. 

1 27. \\ process according to claim 24, comprising searching in each of the multiple 

2 creation and certification requests of the system for all of the subjects in a condition such that a 

3 pair of keys must b^reated. 

1 28. A proce\^according to claim 25, comprising searching in each of the multiple 

2 creation and certification requests of the system for all of the subjects in a condition such that a 

3 pair of keys must be createc 

1 29. A process for crelating and managing certificates for pairs of asymmetrical 

2 cryptographic keys, each certificate being intended for a pair of asymmetrical cryptographic keys 

3 for a subject managed by a compute^ system (1), comprising: 

4 • searching in storage means (7^ for at least one pair of asymmetric keys for the public key 

5 for which a certificate must be\reated; 

6 • creating at least one individual certification request for certifying a public key; 

7 • transmitting a certification authority request corresponding to said individual certification 

8 request to a certification authority (I4), which issues a certificate in accordance with said 

9 request. 




1 30. A process according to claim 29, fofther comprising creating the certificate for a 

2 given subject when said subject lacks a certificate an individual certification request, or 

\ 

3 when a certificate has been requested for said subject,\or when the certificate of a pair of keys for 

4 said subject expires, or when the certificate of a pair ofN^eys has been revoked. 

V 
V 

\ 

1 3 1 . A process according to claim 29 comprising^ecuting said process periodically. 

\ 

4 • \ 
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32\ A process according to claim 30 comprising executing said process periodically. 

1 33. \A process according to claim 30, comprising creating the certificate for a given 

2 subject when thea:ertificate expires during this period. 

1 34. A proe^ess according to claim 3 1 , comprising creating the certificate for a given 

2 subject when the certifi<^ate expires during this period. 

1 35. A process according to claim 32, comprising creating the certificate for a given 

2 subject when the certificate expires during this period. 



36. A process according to claim 29, further comprising creating each individual 

2 request from a corresponding multiple certification request recorded in the storage means (7) 

3 relative to a set of pairs of keys for suqiects belonging to a preset list or to a set of pairs of keys 

4 for subjects defined by predetermined criteria, as well as to associated model certificates for the 

5 set in question. 

\ 

1 37. A process according to claim 36^further comprising creating each individual 

2 request from a corresponding multiple certification request recorded in the storage means (7) 

3 relative to a set of pairs of keys for subjects belonging to a preset list or to a set of pairs of keys 

4 for subjects defined by predetermined criteria, as weH as to associated model certificates for the 

5 set in question. \ 



\ 



1 38. A process according to claim 3 1 , further comprising creating each individual 

2 request from a corresponding multiple certification request recorded in the storage means (7) 

3 relative to a set of pairs of keys for subjects belonging to a pre^st list or to a set of pairs of keys 

4 for subjects defined by predetermined criteria, as well as to associated model certificates for the 

5 set in question. 
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1 39. A process according to claim 33, further comprising creating each individual 

2 request frorn a corresponding multiple certification request recorded in the storage means (7) 

3 relative to a set of pairs of keys for subjects belonging to a preset list or to a set of pairs of keys 

4 for subjects defined by predetermined criteria, as well as to associated model certificates for the 

5 set in question. 



1 40. A process^^cording to claim 36 further comprising searching in each of the 

2 multiple certification requests of the system for all of the subjects in a condition such that a 

3 certificate must be created, 

\ 

1 41 . A process according Ho claim 37 further comprising searching in each of the 

2 multiple certification requests of the sj^tem for all of the subjects in a condition such that a 

3 certificate must be created. \ 

\ 

1 42. A process according to claim 3^fiirther comprising searching in each of the 

2 multiple certification requests of the system for '^1 of the subjects in a condition such that a 

3 certificate must be created. \ 

\ 

\ 

V 

1 43. A process according to claim 39 fiarther'^^mprising searching in each of the 

2 multiple certification requests of the system for all of the^ubjects in a condition such that a 

3 certificate must be created. - 



1 44. A process according to claim 20, characterized irmiat each multiple request 

2 comprises an attribute relative to at least one execution date and in niat said process consists of 

3 including in the search only the multiple requests whose expiration date has arrived. 



ati^^s 

\ 

\ 



6 



T2 147-90631 3 AJS 3771/PB(CALVEZ) 

1 45. A process according to claim 20, characterized in that it consists of performing 

2 the encoding of one or more extensions in accordance with one or more given rules and of 

3 entering the ei^coded extension or extensions into the individual certification request during the 

4 creation of said^i^ividual certification request. 

1 46. A probess according to claim 20, comprising changing the value of an attribute 

2 contained in each of the^dividual first and second requests to indicate status of the process. 

\ 

1 47. A computer s^^tem (1) for creating and managing pairs of asymmetrical 

2 cryptographic keys and certifick^s associated with the pairs of keys, the pairs of keys and the 
^3 certificates being intended for su^^cts managed by said system, comprising a key generating 

4 center (8) for creating at least one pair of keys at the request of the local registration authority (5) 

5 with which the key generating center opmmunicates; at least one certification authority (12) to 

6 which the system has access for creating^a certificate at the request of the local registration 

7 authority (5) and means for automating thei creation and/or certification of at least one pair of 

8 keys for each subject managed by the systeiTW(l). 

1 48. A computer system (1) according\o claim 47, further comprising: 

2 • a central management service (3) for creating, updating and consulting objects and 

3 subjects managed by said system; 

4 • a local registration authority (5) for handUng thdy^creation and/or the certification of keys 

5 intended for the objects and the subjects; 

6 • a central security base (7) containing the subjects an^i the objects managed by the system 

7 with which the local registration authority communicates; 

8 • a key generating center (8) for creating at least one pair of keys at the request of the local 

9 registration authority (5) with which the key generating center communicates; and 

10 at least one certification authority (12) to which the system has acces^^ for creating a certificate at 

1 1 the request of the local registration authority (5). 
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1 \ 49. A computer system according to claim 47, including a wake up 

2 mechamsm (6) for periodically waking up the local registration authority (5). 

1 50. \ A computer system according to claim 48 including a wake up 

2 mechanism (6)Sto periodically wake up the local registration authority (5). 

1 5 1 . A prbcess for creating and managing symmetrical cryptographic keys, 

2 each key being intended for a subject managed by a computer system (1), 

3 characterized in that it consists of: 

4 • searching in storag\means (7) for at least one subject for which a symmetric 

5 key must be created; 

6 • creating at least one individual request for creating a symmetric key for said 

7 subject; 

8 • transmitting a key generating, request corresponding to said individual creation 

9 request to a key generating center (8), and 

10 • issuing by said key generating center a symmetric key in accordance with said 

1 1 transmitted key generating request) 

1 52. A computer system (1) for crea^ng symmetrical cryptographic keys, 

2 for managing subjects by said system, characterized in that it comprises a key 

3 generating center (8) for creating at least one pair of keys at the request of the local 

4 registration authority (5) with which the key generating center communicates; at least 

5 one certification authority (12) to which the system has ^cess for creating a 

6 certificate at the request of the local registration authority (5) and means for 

7 automating the creation of at least one key for each subject managed by the system 

8 (1).- 

—Z \ 

1 50. A computer system according tp^claim 48 including a^^ake up 



2 mechanism (6) to periodically wake up the^local registration authority (5). 




1 5 1 . A process for creating and managing symmetrical cryptographic keys, 

2 each key being intended fopa subject managed b.j^ computer system (1), 

3 characterized in that it.cbnsists of: ^ 
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